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What is Claimed is: 



1 . A method executed in a computer system for restricting access to a device 
comprising: 

5 receiving a data operation in connection with the device; 

determining a type of said device as one of restricted access and standard access; 
determining if an opcode associated with said data operation is included in one of 
a first set of opcodes and a second set of opcodes, said first set of opcodes specifying 
standard data operations, and said second set of opcodes specifying restricted data 
10 operations; 

determining a target location associated with said data operation; and 
in response to determining one of said first and said second sets of opcodes, said 
type, and said target location, determining if said data operation is valid. 



15 2. The method of Claim 1, further comprising: 

determining that said data operation is valid if said opcode is included in said 
second set and said type is restricted. 



3. The method of Claim 2, further comprising: 
20 determining that said data operation is valid if said opcode is included in said first 

set and said type is standard. 
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4. The method of Claim 3, further comprising: 

determining that said data operation is valid in response to determining that said 
opcode is included in said first set, said type is restricted and said location is one of 
standard access on said device. 

5. The method of Claim 4, further comprising: 

performing said data operation in response to determining that said data operation 
is valid and otherwise performing error processing. 

6. The method of Claim 5, wherein each of said first and second sets of opcodes 
includes a read opcode and a write opcode, each of the opcodes included in said first set 
being different from each of said opcodes included in said second set. 

7. The method of Claim 1, further comprising: 

recognizing a device which is of type restricted access by all hosts included in the 
computer system. 

8. The method of Claim 7, further comprising: 

restricting access to a recognized device to a particular host in the computer 
system by having said particular host perform data operations to said recognized device 
using opcodes included in said second set. 
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9. The method of Claim 8, wherein only a specific software program executing in 
the particular computer system is able to access said recognized device by performing 
data operations using opcodes included in said second set. 

10. The method of Claim 9, further comprising: 

changing a status associated with a recognized device between restricted and 
standard. 

11. The method of Claim 10, further comprising: 

using a configuration file and value included therein to specify said status. 

12. The method of Claim 9, further comprising: 

performing a data operation to said recognized device that includes a file that is 
accessible by a plurality of hosts, a first of said plurality of hosts having exclusive access 
to said file by performing data operations in connection with said recognized device 
using opcodes included in said second set. 

13. The method of Claim 1, further comprising: 

installing an application programming interface on a host included in said 
computer system performing said data operation; and 

using said application programming interface to issue said data operation. 
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14. The method of Claim 13, further comprising: 

configuring said application programming interface in accordance with a device 
configuration associated with said host wherein said device configuration includes said 
host accessing at least one device as a restricted access device. 

5 

15. A computer program product for restricting access to a device comprising: 
machine executable code that receives a data operation in connection with the 

device; 

machine executable code that determines a type of said device as one of restricted 
10 access and standard access; 

machine executable code that determines if an opcode associated with said data 
operation is included in one of a first set of opcodes and a second set of opcodes, said 
first set of opcodes specifying standard data operations, and said second set of opcodes 
specifying restricted data operations; 
15 machine executable code that determines a target location associated with said 

data operation; and 

machine executable code that, in response to determining one of said first and said 
second sets of opcodes, said type, and said target location, determines if said data 
operation is valid. 

20 

16. The computer program product of Claim 15, further comprising: 
machine executable code that determines that said data operation is valid if said 

opcode is included in said second set and said type is restricted. 
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17. The computer program product of Claim 16, further comprising: 
machine executable code that determines that said data operation is valid if said 

opcode is included in said first set and said type is standard. 

18. The computer program product of Claim 17, further comprising: 
machine executable code that determines that said data operation is valid in 

response to determining that said opcode is included in said first set, said type is 
restricted and said location is one of standard access on said device. 

19. The computer program product of Claim 18, further comprising: 
machine executable code that performs said data operation in response to 

determining that said data operation is valid and otherwise performing error processing. 

20. The computer program product of Claim 1 9, wherein each of said first and 
second sets of opcodes includes a read opcode and a write opcode, each of the opcodes 
included in said first set being different from each of said opcodes included in said 
second set. 

21 . The computer program product of Claim 1 5, further comprising: 
machine executable code that recognizes a device which is of type restricted 

access by all hosts included in the computer system. 
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22. The machine executable code of Claim 21, further comprising: 
machine executable code that restricts access to a recognized device to a 

particular host in the computer system by having said particular host perform data 
operations to said recognized device using opcodes included in said second set. 

23. The computer program product of Claim 22, wherein only a specific software 
program executing in the particular computer system is able to access said recognized 
device by performing data operations using opcodes included in said second set. 

24. The computer program product of Claim 23, further comprising: 
machine executable code that changes a status associated with a recognized 

device between restricted and standard. 

25. The computer program product of Claim 24, further comprising: 
machine executable code that uses a configuration file and value included therein 
to specify said status. 

26. The computer program product of Claim 23, further comprising: 

machine executable code that performs a data operation to said recognized device 
that includes a file that is accessible by a plurality of hosts, a first of said plurality of 
hosts having exclusive access to said file by performing data operations in connection 
with said recognized device using opcodes included in said second set. 
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27. The computer program product of Claim 15, further comprising: 
machine executable code that installs an application programming interface on a 

host included in said computer system performing said data operation; and 

machine executable code that uses said application programming interface to 
5 issue said data operation. 

28. The computer program product of Claim 27, further comprising: 
machine executable code that configures said application programming interface 

in accordance with a device configuration associated with said host wherein said device 
10 configuration includes said host accessing at least one device as a restricted access 
device. 



29. An apparatus for restricting access to a device in a computer system 
comprising: 

1 5 means for receiving a data operation in connection with the device; 

means for determining a type of said device as one of restricted access and 
standard access; 

means for determining if an opcode associated with said data operation is 
included in one of a first set of opcodes and a second set of opcodes, said first set of 
20 opcodes specifying standard data operations, and said second set of opcodes specifying 
restricted data operations; 

means for determining a target location associated with said data operation; and 
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means for determining, in response to said means for determining one of said first 

and said second sets of opcodes, said type, and said target location, if said data operation 

is valid. 

30. The apparatus of Claim 29, further comprising: 

means for determining that said data operation is valid if said opcode is included 
in said second set and said type is restricted. 

31. The apparatus of Claim 30, further comprising: 

means for determining that said data operation is valid if said opcode is included 
in said first set and said type is standard. 

32. The apparatus of Claim 31, further comprising: 

means for determining that said data operation is valid in response to determining 
that said opcode is included in said first set, said type is restricted and said location is one 
of standard access on said device. 

33. The apparatus of Claim 32, further comprising: 

means for performing said data operation in response to determining that said data 
operation is valid and otherwise performing error processing. 
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34. The apparatus of Claim 33, wherein each of said first and second sets of 
opcodes includes a read opcode and a write opcode, each of the opcodes included in said 
first set being different from each of said opcodes included in said second set. 

35. The apparatus of Claim 29 s further comprising: 

means for recognizing a device which is of type restricted access by all hosts 
included in the computer system. 

36. The apparatus of Claim 35, further comprising: 

means for restricting access to a recognized device to a particular host in the 
computer system by having said particular host perform data operations to said 
recognized device using opcodes included in said second set. 

37. The apparatus of Claim 36, wherein only a specific software program 
executing in the particular computer system is able to access said recognized device by 
performing data operations using opcodes included in said second set. 

38. The apparatus of Claim 37, further comprising: 

means for changing a status associated with a recognized device between 
restricted and standard. 
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39. The apparatus of Claim 38, further comprising: 

means for using a configuration file and value included therein to specify said 
status. 



5 40. The apparatus of Claim 37, further comprising: 

means for performing a data operation to said recognized device that includes a 
file that is accessible by a plurality of hosts, a first of said plurality of hosts having 
exclusive access to said file by performing data operations in connection with said 
recognized device using opcodes included in said second set. 

10 

41. The apparatus of Claim 29, further comprising: 

means for installing an application programming interface on a host included in 
said computer system performing said data operation; and 

means for using said application programming interface to issue said data 
15 operation. 

42. The apparatus of Claim 41, further comprising: 

means for configuring said application programming interface in accordance with 
a device configuration associated with said host wherein said device configuration 
20 includes said host accessing at least one device as a restricted access device. 
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